Two-factor authentication

If you activated the two-factor authentication service, you must

1. use your email credentials:  you'll be asked the OTP
2. open your app and look at the OTP code (a 6-digit code that's valid for 30 seconds) for your unimib account
3. enter the OTP code and confirm

and you'll get in.

You need to activate the service and setup your app - you can find instructions on the next section.

You need to open the app: you'll not receive either an in-app notification or a text message.

We have a dedicated website for that. Just follow these steps.

1. Download an OTP app

You'll need an app on your device to create the OTP. There are lots of free apps and you can use whatever you prefer: we suggest two, one by Microsoft and one by Google, available on all Android and all Apple device.

Android devices apps

• Google authenticator
• Microsoft authenticator

Apple devices apps

• Google authenticator
• Microsoft authenticator

Browser extensions

You can use a plugin for your browser too

• Authenticator (Google Chrome)
• Authenticator (Mozilla Firefox)
• Authenticator (Ms Edge)

Check the guide if you need help.

2. Go to the website

Out two-factor authentication website will lead you through a wizard and you'll see a page with a QR code and a secret numeric code you'll need to setup your app.

Open the app on your device and add an account, usually tapping on the plus/+ icon, choose between scanning the QR code or entering/copypasting the secret numeric code, then do what you choose.

Important: if you need multiple devices, you need to scan the QR/enter the code now on all devices, before the next step.

3. Enter the OTP

Right after scanning the QR/entering the code, the app should immediately start to create OTPs. Enter a valid OTP in the textbox near the QR code to confirm and complete the activation.

Extra: enter your phone number

You'll be asked to enter your phone number: this can be useful if you need to deactivate the service later on.

If you have an italian phone number and you prefer to have this safety measure, enter it in the textbox and confirm: you'll receive a text message with a code, copy the code in the textbox on the right, confirm, and it's done.

If you can't or don't want, just press on the link below to return at the homepage.

You can change your device and you can have more than one. Just remember that having more than one device weakens your account safety: be careful.

Add a new device

You can't.

You need to de-activate the service, remove your OTP code generator from any app and activate everything from scratch on all devices.

Deactivate the service

If you lost your device, you changed it or for whatever other reason you need to deactivate the service there are two steps to do:

1. deactivate the service on the website: on the two-factor authentication website press the button to deactivate the app and follow the wizard. You can deactivate the service via the app itself, SPID or the phone number you entered during the activation. If none of these is viable, contact us: you'll find a link at bottom page
2. deactivate the service on your app (if you can): usually you need to access the app, tap and keep pressing on the OTP, after a while you should see an icon of a trash bin, a cross or something similar: tap it and you'll deactivate the service on your app.

I'm not receiving the text message or the notification with the OTP (token)

That's correct: there isn't a text message or a notification. You need to open the app and read the OTP from there.

I can't see the OTP (token)

Usually it's because the activation wasn't completed.

Go on the website: if the service is "active", deactivate it and start again; if it's not active, ask to create a new secret and start the activation from the step 2.

OTP code (token) is expired

Check that date and time of your device are correct. If they are not correct, correct them. If they are correct, deactivate the service and start the activation from the beginning.

I still have a problem

Contact us!